#mailinglists

Related news
  • Re: Local Rule Error

    Published: 20/02/2017
    Posted by wkitty42 on Feb 19 that'll do it every time :) the first thing i see is that you should add the classification... classtype:blahblah; select your classification from your classification ... Read more
    Source: seclists.org
  • Re: snort log formats: .log v.s .u2

    Published: 19/02/2017
    Posted by Marcin Dulak on Feb 19 Snort log output depends on what's in snort.conf and the command line switches like -y, -N. It takes some experimentation to figure out how they interact. Marcin ... Read more
    Source: seclists.org
  • snort log formats: .log v.s .u2

    Published: 19/02/2017
    Posted by Paul Li on Feb 18 I've been experiencing inconsistent behavior of Snort generating log. (Using Snort 2.9.9 on Ubuntu 14.04.) After a fresh installation, the file format is .u2, but the log f ... Read more
    Source: seclists.org
  • Win.Malware.Disttrack

    Published: 19/02/2017
    Posted by Y M on Feb 18 Hello, The below signatures address the following hashes and the observed C&C traffic. Pcaps and samples should be publicly available. If not, please let me know. - f4d1831 ... Read more
    Source: seclists.org
  • Andr.Trojan.Femas (ViperRAT)

    Published: 19/02/2017
    Posted by Y M on Feb 18 Hello, The below signature was derived from the articles from the reference. No pcaps available. alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"MALWARE-CNC ... Read more
    Source: seclists.org
  • RFC 8092 on BGP Large Communities Attribute

    Published: 18/02/2017
    Posted by Greg Hankins on Feb 18 Hey NANOG, As a followup to our NANOG 68 presentation in Dallas on BGP Large Communities ( https://www.nanog.org/meetings/abstract?id=2990 ), RFC 8092 as just published ... Read more
    Source: seclists.org
  • Crashlytics via Umbrella FP

    Published: 18/02/2017
    Posted by James Lay on Feb 18 Appears to fire off: Feb 18 08:28:28 snort[10548]: [3:13667:18] PROTOCOL-DNS dns cache poisoning attempt [Classification: Misc Attack] [Priority: 2] {UDP} 208.67.220.220: ... Read more
    Source: seclists.org
  • Re: libnghttp2 query for snort 2.9.9.0

    Published: 18/02/2017
    Posted by tantioification . on Feb 17 i've tried to install Snort 2.9.9.0 on CentOS 7 and yes CentOS requires libnghttp2 as dependency. Both of them from source and yum. Before you install libnght ... Read more
    Source: seclists.org
  • Re: Osx.Adware.Pirrit

    Published: 17/02/2017
    Posted by Tyler Montier on Feb 17 Yaser, Thanks for your submission. We will review the rules and get back to you when they're finished. Thanks, Tyler Montier Cisco Talos ------------------------ ... Read more
    Source: seclists.org
  • Re: Osx.Trojan.OceanLotus

    Published: 17/02/2017
    Posted by Tyler Montier on Feb 17 Yaser, Thanks for your submission. We will review the rule and get back to you when it's finished. Sincerely, Tyler Montier Cisco Talos ------------------------------- ... Read more
    Source: seclists.org
  • Re: Osx.Adware.IronCore

    Published: 17/02/2017
    Posted by Tyler Montier on Feb 17 Yaser, Thanks for your submission. We will review the rules and get back to you when they're finished. Since you have a pcap available, could you send it my way? ... Read more
    Source: seclists.org
  • Engineering contact at RocketFiber

    Published: 17/02/2017
    Posted by Eric Dugas on Feb 17 Anyone from RocketFiber's engineering group on this list? Contact me off-list please! Eric Read more
    Source: seclists.org
  • Snort Subscriber Rules Update 2017-02-16

    Published: 17/02/2017
    Posted by Research on Feb 16 Talos Snort Subscriber Rules Update Synopsis: This release adds and modifies rules in several categories. Details: Talos has added and modified multiple rules in the black ... Read more
    Source: seclists.org
  • Re: Ncrack rdp issue

    Published: 16/02/2017
    Posted by Fotis Chantzis on Feb 16 Hello, Ncrack RDP should be working properly against Windows Server 2003 and 2008. Could you provide us with a tcpdump/wireshark dump to see what is going on there? ... Read more
    Source: seclists.org
  • Re: Zombie detection rules

    Published: 16/02/2017
    Posted by Jack Pepper on Feb 16 I must confess to being somewhat disappointed that this thread was not actually about detecting the zombie apocalypse ....... ------------------------------------------ ... Read more
    Source: seclists.org